apache camel cxf https无法正常工作

时间:2012-07-05 07:56:43

标签: ssl https wsdl cxf apache-camel

我正在尝试使用apache camel cxf发布web服务。我可以使用http访问已发布的Web服务。但是,我尝试使用https配置相同。但我无法让它发挥作用。

下面的

是spring context和wsdl文件的一部分

<camel-cxf:cxfEndpoint id="myEndoint"
    address="http://localhost:9000/PostXml/" serviceClass="com.XXXXXXXXXX.techquest.ServicesPortType"
    xmlns:ssp="http://techquest.interswitchng.com/" endpointName="ssp:PostXml"
    serviceName="ssp:PostXml" />

<http:conduit name="*.http-conduit">
    <http:tlsClientParameters
        secureSocketProtocol="SSL">
        <sec:keyManagers keyPassword="password">
            <sec:keyStore type="JKS" password="password"
                file="A:/apache-sermfino_conf/cherry.jks" />
        </sec:keyManagers>
        <sec:trustManagers>
            <sec:keyStore type="JKS" password="password"
                file="A:/apache-ser/truststore.jks" />
        </sec:trustManagers>
        <sec:cipherSuitesFilter>
            <!-- these filters ensure that a ciphersuite with export-suitable or 
                null encryption is used, but exclude anonymous Diffie-Hellman key change 
                as this is vulnerable to man-in-the-middle attacks -->
            <sec:include>.*_EXPORT_.*</sec:include>
            <sec:include>.*_EXPORT1024_.*</sec:include>
            <sec:include>.*_WITH_DES_.*</sec:include>
            <sec:include>.*_WITH_AES_.*</sec:include>
            <sec:include>.*_WITH_NULL_.*</sec:include>
            <sec:exclude>.*_DH_anon_.*</sec:exclude>
        </sec:cipherSuitesFilter>
    </http:tlsClientParameters>
    <http:client AutoRedirect="true" Connection="Keep-Alive" />
</http:conduit>

=============================================== ================================

<wsdl:portType name="ServicesPortType">
    <wsdl:operation name="PostXml">
        <wsdl:input message="tns:PostXml" />
        <wsdl:output message="tns:PostXml" />
    </wsdl:operation>
</wsdl:portType>            
<wsdl:binding name="ServicesSoap12Binding" type="tns:ServicesPortType">
    <soap12:binding style="document"
        transport="http://schemas.xmlsoap.org/soap/http" />
    <wsdl:operation name="PostXml">
        <soap12:operation soapAction="PostXml" style="document" />
        <wsdl:input>
            <soap12:body use="literal" />
        </wsdl:input>
        <wsdl:output>
            <soap12:body use="literal" />
        </wsdl:output>
    </wsdl:operation>
</wsdl:binding>         
<wsdl:service name="ServicesPortTypeService">
    <wsdl:port binding="tns:ServicesSoap12Binding" name="ServicesSoap12Endpoint">
        <soap12:address location="http://localhost:9000/PostXml" />
    </wsdl:port>
</wsdl:service>

2 个答案:

答案 0 :(得分:3)

第一个配置是针对http客户端而不是服务器端。 您可以在此处找到配置示例[1]

[1] http://cxf.apache.org/docs/jetty-configuration.html

答案 1 :(得分:0)

我能够使用camel-config.xml配置apache-camel-2.19.4:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:camel="http://camel.apache.org/schema/spring"
    xmlns:cxf="http://camel.apache.org/schema/cxf" xmlns:context="http://www.springframework.org/schema/context"
    xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
    xmlns:sec="http://cxf.apache.org/configuration/security" xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:cxfcore="http://cxf.apache.org/core"
    xsi:schemaLocation="
       http://www.springframework.org/schema/beans                http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/context              http://www.springframework.org/schema/context/spring-context.xsd
       http://camel.apache.org/schema/spring                      http://camel.apache.org/schema/spring/camel-spring.xsd
       http://camel.apache.org/schema/cxf                         http://camel.apache.org/schema/cxf/camel-cxf.xsd
       http://cxf.apache.org/configuration/security               http://cxf.apache.org/schemas/configuration/security.xsd
       http://cxf.apache.org/transports/http/configuration        http://cxf.apache.org/schemas/configuration/http-conf.xsd
       http://cxf.apache.org/transports/http-jetty/configuration  http://cxf.apache.org/schemas/configuration/http-jetty.xsd
       http://cxf.apache.org/core                                 http://cxf.apache.org/schemas/core.xsd
       ">
  <cxf:cxfEndpoint id="my-endpoint-http"
    address="http://localhost:8080/test"
    endpointName="tns:endpointName1" serviceName="tns:endpointServiceName1"
    wsdlURL="myService.wsdl" xmlns:tns="myServiceWsdlNamespace">
    <cxf:properties>
      <entry key="allowStreaming" value="true" />
      <entry key="autoRewriteSoapAddressForAllServices" value="true" />
    </cxf:properties>
  </cxf:cxfEndpoint>

  <cxf:cxfEndpoint id="my-endpoint-https"
    address="https://localhost:8443/test"
    endpointName="tns:endpointName1" serviceName="tns:endpointServiceName1"
    wsdlURL="myService.wsdl" xmlns:tns="myServiceWsdlNamespace">
    <cxf:properties>
      <entry key="allowStreaming" value="true" />
      <entry key="autoRewriteSoapAddressForAllServices" value="true" />
    </cxf:properties>
  </cxf:cxfEndpoint>

    <camelContext xmlns="http://camel.apache.org/schema/spring">

    <route id="my-endpoint-http-route" streamCache="true">
      <from uri="cxf:bean:my-endpoint-http?dataFormat=MESSAGE" />
      <to uri="direct:myServiceDirect" />
    </route>
    <route id="my-endpoint-https-route" streamCache="true">
      <from uri="cxf:bean:my-endpoint-https?dataFormat=MESSAGE" />
      <to uri="direct:myServiceDirect" />
    </route>
        <route id="all" streamCache="true">
          <from uri="direct:myServiceDirect" />             
            <log message="headers1=${headers}" />
        </route>
    </camelContext>
   <cxfcore:bus/>
   <httpj:engine-factory bus="cxf">
      <httpj:engine port="8443">
        <httpj:tlsServerParameters secureSocketProtocol="TLSv1">
          <sec:keyManagers keyPassword="skpass">
            <sec:keyStore password="changeit" file="src/test/resources/certificate-stores/localhost-keystore.jks" />
          </sec:keyManagers>
          <!-- 
          <sec:trustManagers>
            - <sec:keyStore resource="certs/serviceKeystore.jks" password="sspass" type="JKS"/> -
            <sec:keyStore password="changeit" file="src/main/resources/certificate-stores/cacerts" />
          </sec:trustManagers>
           -->
          <sec:cipherSuitesFilter>
            <sec:include>.*_WITH_3DES_.*</sec:include>
            <sec:include>.*_WITH_DES_.*</sec:include>
            <sec:exclude>.*_WITH_NULL_.*</sec:exclude>
            <sec:exclude>.*_DH_anon_.*</sec:exclude>
          </sec:cipherSuitesFilter>
          <!-- <sec:clientAuthentication want="true" required="false"/> -->
        </httpj:tlsServerParameters>
      </httpj:engine>
    </httpj:engine-factory>
</beans>

有了这个,您应该可以访问:

文件src/test/resources/certificate-stores/localhost-keystore.jks应包含生成的密钥对(使用KeyStoreExplorer),并使用keyPassword(skpass)密钥密码保存,密钥库文件密码为password(changeit)